An electronic device such as a smartphone or the like may provide an execution environment of an application supporting various functions. For example, the electronic device may control system resources, such as a storage space of a memory and the like, such that applications supporting functions, such as a call function, a camera shooting function, a web search function, and the like, are installed and executed.
Meanwhile, to enhance security, the electronic device may include a system resource that is restricted to be accessible only by code of a trusted application. For example, the electronic device may include a secure world such as Trust Zone and may manage significant data, such as authentication information, private information, and the like, a secure module, and the like separately in the secure world.
Also, in the case where code of an application is tampered with, the electronic device may enhance security by blocking an access to the secure world. For example, in the case of an application connecting to a network, code of the application may be tampered with by a hacker over the network, and significant data may be leaked out by the tampered code, that is, malicious code. For this reason, the electronic device may determine whether application code is tampered with and may restrict an access to the secure world based on the determination result. Alternatively, if application code is tampered with through rooting or the like, a security issue that a function or authority to use is changed to be different from an original purpose of the application may occur. For this reason, the electronic device may determine whether the application code is tampered with and may restrict an access to the secure world based on the determination result.
An electronic device may determine whether tampering with code is made, with respect to the whole code area of an application according to the related art. For example, according to the related art, the electronic device may determine whether the application code is tampered with, by dividing the application code into a plurality of segments, generating unique information (e.g., a hash value) for each of the divided segments, and comparing the unique information with unique information stored in advance in a memory.
However, to determine whether the whole code area of the application is tampered with may cause a decrease in performance of the electronic device. For example, as the number of segments increases, the generation of the unique information for each of the divided segments may cause an increase in a processing time and an increase in the burden of a system resource concerned in processing.
The above information is presented as background information only to assist with an understanding of the present disclosure. No determination has been made, and no assertion is made, as to whether any of the above might be applicable as prior art with regard to the present disclosure.